This page documents the wiki's JSON HTTP API: available endpoints, expected requests and responses, and authentication notes.
All API endpoints are rooted under /api and return JSON (or appropriate HTTP status codes). The API is intentionally small and mirrors the actions available in the web UI.
/login (POST form fields username and password) to obtain a session cookie. Subsequent API requests should send that cookie.is_admin and you can access admin-only endpoints such as DELETE.Examples (using curl and a cookie jar):
# Log in (interactive web form also works). Replace credentials as appropriate.
curl -c cookies.txt -d "username=alice" -d "password=secret" -X POST https://example.org/login
# Use the saved cookie for API calls
curl -b cookies.txt https://example.org/api/pages
Return a list of available page base names.
Response example
{ "pages": ["Home", "About", "Linux_Router_HOWTO"] }
Return JSON with name, markdown (source if present) and html (rendered HTML if present). name should be a URL-encoded page name (page filenames use underscores; the API accepts either underscored or spaced names if URL-encoded).
Success: 200
Example response
{
"name": "Linux_Router_HOWTO",
"markdown": "# Router howto\n...",
"html": "<h1 id=\"router-howto\">Router howto</h1>..."
}
If the page doesn't exist the endpoint returns 404 and a JSON error object.
Create a new page. Requires an authenticated session.
Request body: JSON with the following fields
name — page base name (string). Use underscores for filenames (e.g. My_Page) or a human-friendly name; the server will sanitize with safe_name().content — Markdown source for the page (string). Optional (defaults to empty string).Headers: Content-Type: application/json
Success: 201 Created
Response example
{ "name": "My_Page" }
Errors:
400 — missing name401 — authentication required500 — write failure (filesystem error), response includes detail with an error stringUpdate an existing page or create it if missing. Requires an authenticated session.
Request body: JSON
content — Markdown source (required)Success: 200 with { "name": "<safe_name>" }
Errors:
400 — missing content401 — authentication required500 — write failureExample (update):
curl -b cookies.txt -H "Content-Type: application/json" -X PUT \
-d '{"content": "# Updated\nNew content..."}' \
https://example.org/api/pages/My_Page
Delete a page. Requires the user to be logged in and to have admin privileges (is_admin).
Success: 204 No Content (empty body)
Errors:
401 — authentication required403 — admin required404 — page not found500 — delete failedExample:
curl -b cookies.txt -X DELETE https://example.org/api/pages/My_Page
name parameter is passed through safe_name() which strips suspicious characters and replaces slashes with underscores.GET /api/pages/<name> does not include per-page metadata (last_modified) by default; metadata is available via the site UI and the pages_meta/ files on disk.pages_meta/<name>.history.json.ts (epoch seconds), ts_human (UTC timestamp), user, action (create, edit, delete, etc.), summary (optional), and diff (string).diff value, when present, is a unified diff (text) computed from the previous Markdown source to the new Markdown source (similar to diff -u before.md after.md).<pre> block on the per-article history page (/history/<name>).GET /api/pages/<name> does not include history or diffs; to view history use the web UI at /history/<name> or read the pages_meta/<name>.history.json file on disk.curl -c/-b or a script that handles the login form and preserves the cookie jar.401 while authenticated in the browser, ensure your script sends the same cookie jar or includes the session cookie.